AWS Managed VPN

Amazon VPC provides the option of creating an IPsec VPN to connect
your remote networks with your Amazon VPCs over the internet. You
can take advantage of multiple VPN connections to route traffic
between your Amazon VPCs as shown in the following figure.

Figure: Routing traffic between VPCs

We recommend this approach when you want to take advantage of AWS
managed VPN endpoints, including the automated multi-data center
redundancy and failover built into the AWS side of each VPN
connection. Although not shown, the Amazon virtual private gateway
represents two distinct VPN endpoints, physically located in
separate data centers to increase the availability of each VPN
connection.

Amazon virtual private gateway also supports multiple customer
gateway connections (as described in the
Network-to-Amazon VPC Connectivity Options and AWS managed VPN sections
and shown in the figure Redundant AWS managed VPN connections),
allowing you to implement redundancy and failover on your side of
the VPN connection. This solution can also leverage BGP peering to
exchange routing information between AWS and these remote
endpoints. You can specify routing priorities, policies, and
weights (metrics) in your BGP advertisements to influence the
network path traffic will take to and from your networks and AWS.
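
A read-only check of the redundancy described above, as an added example that is not part of the original document: it audits output shaped like `aws ec2 describe-vpn-connections` for connections with a tunnel that is not UP, static-only routing, or a virtual private gateway served by a single customer gateway. The sample data, resource IDs, and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample shaped like `aws ec2 describe-vpn-connections` output
# (IDs and addresses are placeholders, not real resources).
def make_conn(cid, vgw, cgw, static, statuses):
    return {"VpnConnectionId": cid, "State": "available", "VpnGatewayId": vgw,
            "CustomerGatewayId": cgw, "Options": {"StaticRoutesOnly": static},
            "VgwTelemetry": [{"OutsideIpAddress": ip, "Status": st}
                             for ip, st in statuses]}

SAMPLE = {"VpnConnections": [
    make_conn("vpn-example-a1", "vgw-example-a", "cgw-example-1", False,
              [("203.0.113.10", "UP"), ("203.0.113.11", "UP")]),
    make_conn("vpn-example-a2", "vgw-example-a", "cgw-example-2", False,
              [("203.0.113.20", "UP"), ("203.0.113.21", "DOWN")]),
    make_conn("vpn-example-b1", "vgw-example-b", "cgw-example-3", True,
              [("198.51.100.10", "UP"), ("198.51.100.11", "UP")]),
]}

def audit_vpn_redundancy(doc):
    """Return (resource_id, finding) tuples for redundancy gaps."""
    findings = []
    cgws_per_vgw = defaultdict(set)
    for conn in doc.get("VpnConnections", []):
        if conn.get("State") != "available":
            continue  # skip pending or deleted connections
        cid = conn["VpnConnectionId"]
        if conn.get("VpnGatewayId"):
            cgws_per_vgw[conn["VpnGatewayId"]].add(conn["CustomerGatewayId"])
        tunnels = conn.get("VgwTelemetry", [])
        # Each connection should report two AWS-side endpoints, both UP.
        if len(tunnels) < 2:
            findings.append((cid, "fewer than two tunnel endpoints reported"))
        for t in tunnels:
            if t.get("Status") != "UP":
                findings.append((cid, f"tunnel {t.get('OutsideIpAddress')} is not UP"))
        # Static routing cannot use BGP attributes to steer or fail over paths.
        if conn.get("Options", {}).get("StaticRoutesOnly"):
            findings.append((cid, "static routes only (no BGP)"))
    # Customer-side redundancy needs at least two customer gateways per VGW.
    for vgw, cgws in sorted(cgws_per_vgw.items()):
        if len(cgws) < 2:
            findings.append((vgw, "single customer gateway"))
    return findings

if __name__ == "__main__":
    for resource, finding in audit_vpn_redundancy(SAMPLE):
        print(f"{resource}: {finding}")
```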

This approach is suboptimal from a routing perspective since the
traffic must traverse the internet to get to and from your
network, but it gives you a lot of flexibility for controlling and
managing routing on your local and remote networks, and the
potential ability to reuse VPN connections.